Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/9gaUfOMBQm2KM_-FVyRBbkK_6A4.roa
File:                     9gaUfOMBQm2KM_-FVyRBbkK_6A4.roa (raw, json)
Hash identifier:          xO9OZEKEMFsjPw3Zz6tJW9ZV1KGvYi0ttrOm6r4LbhA=
Subject key identifier:   F6:06:94:7C:E3:01:42:6D:8A:33:FF:85:57:24:41:6E:42:BF:E8:0E
Certificate issuer:       /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Certificate serial:       01857270F80F7014D76F7D3597B58281683D
Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/9gaUfOMBQm2KM_-FVyRBbkK_6A4.roa
Signing time:             Mon 02 Jan 2023 12:24:44 +0000
ROA not before:           Mon 02 Jan 2023 12:24:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43350
IP address blocks:        185.107.44.0/22 maxlen: 22
                          109.201.128.0/19 maxlen: 19
                          185.107.45.0/24 maxlen: 24
                          185.107.56.0/22 maxlen: 22
                          185.107.68.0/22 maxlen: 22
                          185.107.80.0/22 maxlen: 22
                          185.107.37.0/24 maxlen: 24
                          185.107.36.0/24 maxlen: 24
                          185.107.38.0/24 maxlen: 24
                          212.92.112.0/21 maxlen: 21
                          212.92.120.0/22 maxlen: 22
                          212.92.124.0/23 maxlen: 23
                          92.114.100.0/24 maxlen: 24
                          92.114.100.0/22 maxlen: 22
                          89.38.160.0/22 maxlen: 22
                          85.159.232.0/21 maxlen: 24
                          46.166.176.0/20 maxlen: 21
                          37.143.32.0/21 maxlen: 24
                          185.107.92.0/22 maxlen: 22
                          185.107.100.0/22 maxlen: 24
                          185.107.116.0/22 maxlen: 24
                          46.166.128.0/19 maxlen: 24
                          212.92.104.0/21 maxlen: 21
                          185.11.144.0/24 maxlen: 24
                          37.156.228.0/24 maxlen: 24
                          188.209.57.0/24 maxlen: 24
                          188.209.56.0/24 maxlen: 24
                          37.153.168.0/22 maxlen: 22
                          77.247.176.0/24 maxlen: 24
                          77.247.176.0/21 maxlen: 21
                          5.104.136.0/21 maxlen: 24
                          185.7.76.0/22 maxlen: 22
                          176.126.232.0/24 maxlen: 24
                          176.126.233.0/24 maxlen: 24
                          2a00:1768::/32 maxlen: 36

Validation:               Failed, certificate revoked on Tue 14 Mar 2023 12:36:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:70:f8:0f:70:14:d7:6f:7d:35:97:b5:82:81:68:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
        Validity
            Not Before: Jan  2 12:24:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f606947ce301426d8a33ff855724416e42bfe80e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:be:8f:5b:e3:c9:6c:81:dc:8b:19:72:3a:2e:
                    de:5c:03:38:c3:c2:92:e7:41:10:4c:3e:f9:10:23:
                    60:ac:41:fb:a4:09:9d:75:cc:66:0e:2f:74:c8:f3:
                    02:62:a9:9d:6e:3d:f0:83:ea:0f:10:d1:f5:a7:de:
                    5d:2f:0b:66:77:28:03:70:de:c9:63:f5:1d:99:bb:
                    4a:db:92:cc:da:f8:b2:90:ae:81:30:16:2e:3c:3a:
                    eb:1c:f9:e0:8e:7c:86:f5:e9:fb:d4:ee:a8:b1:54:
                    83:4d:ff:9f:44:c6:66:40:2e:00:11:fe:02:e1:29:
                    0a:66:74:bb:64:8f:88:4f:98:2b:8d:83:f8:c7:1e:
                    dc:05:02:bc:21:9a:0b:76:f2:f7:7f:55:c0:86:95:
                    de:70:63:58:0f:53:04:f7:3d:2c:96:1b:f6:4b:63:
                    60:ff:09:ea:25:20:6d:10:5e:86:a0:2f:d2:99:2e:
                    d9:ab:2b:20:56:ea:0e:cc:e9:e1:7c:2b:6e:9e:f3:
                    b4:93:b9:cb:f5:0c:bf:b2:54:79:8d:dc:66:b3:12:
                    f8:c3:59:71:3f:e2:90:c0:40:24:c6:dd:5a:0e:ca:
                    68:cf:88:dd:01:e8:f3:5a:71:a4:4c:28:7b:f7:72:
                    36:8a:b2:cc:90:9d:5a:76:f3:f0:50:b7:9e:5f:ea:
                    2c:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:06:94:7C:E3:01:42:6D:8A:33:FF:85:57:24:41:6E:42:BF:E8:0E
            X509v3 Authority Key Identifier:
                keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/9gaUfOMBQm2KM_-FVyRBbkK_6A4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.104.136.0/21
                  37.143.32.0/21
                  37.153.168.0/22
                  37.156.228.0/24
                  46.166.128.0/19
                  46.166.176.0/20
                  77.247.176.0/21
                  85.159.232.0/21
                  89.38.160.0/22
                  92.114.100.0/22
                  109.201.128.0/19
                  176.126.232.0/23
                  185.7.76.0/22
                  185.11.144.0/24
                  185.107.36.0-185.107.38.255
                  185.107.44.0/22
                  185.107.56.0/22
                  185.107.68.0/22
                  185.107.80.0/22
                  185.107.92.0/22
                  185.107.100.0/22
                  185.107.116.0/22
                  188.209.56.0/23
                  212.92.104.0-212.92.125.255
                IPv6:
                  2a00:1768::/32

    Signature Algorithm: sha256WithRSAEncryption
         47:77:c4:4d:34:0c:93:78:d2:45:b6:bd:f3:97:a9:19:54:20:
         f8:28:24:7f:5f:59:14:2f:ba:fc:4d:03:61:1b:21:d4:8d:17:
         16:da:e1:fc:d3:53:68:38:c8:a9:c3:99:9d:7a:c5:ff:8d:3c:
         68:84:61:81:fd:6a:36:d7:b5:f3:76:33:6d:90:3c:71:7e:86:
         6c:76:76:e8:fc:78:fb:52:8f:8e:c0:e2:9a:c3:79:c7:cd:c8:
         0b:3e:87:cc:05:48:38:ee:0e:7c:32:af:ab:4f:f5:e8:bc:f7:
         2c:3e:be:f3:71:4b:2d:ca:4d:63:82:2e:ba:9c:1a:77:a4:0c:
         ac:3c:a4:31:d7:00:cd:6c:67:14:40:81:10:33:71:cc:84:5a:
         2e:c5:26:0a:c9:db:84:e0:b7:8f:d5:6e:c9:93:2b:3f:36:8c:
         43:ca:0c:cb:20:f3:b2:f0:85:bc:f2:34:a0:b6:8e:9a:0e:50:
         59:a4:33:10:93:0d:b8:6d:6e:bb:df:66:35:68:ea:fc:ed:65:
         ed:8f:c6:c0:eb:1f:98:58:65:b0:bc:37:22:71:86:d0:f9:32:
         78:41:b7:8c:86:5e:1b:68:2b:74:35:24:1f:f1:c4:d2:f8:8a:
         ad:ff:33:13:14:67:3f:5e:c2:f7:c4:ed:45:48:40:47:12:67:
         d8:a6:d9:88
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYVycPgPcBTXb301l7WCgWg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzhlYzI0MmE0M2U5YzlkNGNlYjI1ZGM5MGU1NDUzMzcz
ZDNmNDYwHhcNMjMwMTAyMTIyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjA2OTQ3Y2UzMDE0MjZkOGEzM2ZmODU1NzI0NDE2ZTQyYmZlODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzb6PW+PJbIHcixlyOi7eXAM4w8KS
50EQTD75ECNgrEH7pAmddcxmDi90yPMCYqmdbj3wg+oPENH1p95dLwtmdygDcN7J
Y/UdmbtK25LM2viykK6BMBYuPDrrHPngjnyG9en71O6osVSDTf+fRMZmQC4AEf4C
4SkKZnS7ZI+IT5grjYP4xx7cBQK8IZoLdvL3f1XAhpXecGNYD1ME9z0slhv2S2Ng
/wnqJSBtEF6GoC/SmS7ZqysgVuoOzOnhfCtunvO0k7nL9Qy/slR5jdxmsxL4w1lx
P+KQwEAkxt1aDspoz4jdAejzWnGkTCh793I2irLMkJ1advPwULeeX+osHQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFPYGlHzjAUJtijP/hVckQW5Cv+gOMB8GA1UdIwQY
MBaAFOE47CQqQ+nJ1M6yXckOVFM3PT9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgt
Njc4NWNkNDU2ODcxLzEvOWdhVWZPTUJRbTJLTV8tRlZ5UkJia0tfNkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgtNjc4NWNkNDU2ODcx
LzEvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBpwQCAAEwgaADBAMF
aIgDBAMljyADBAIlmagDBAAlnOQDBAUupoADBAQuprADBANN97ADBANVn+gDBAJZ
JqADBAJccmQDBAVtyYADBAGwfugDBAK5B0wDBAC5C5AwDAMEArlrJAMEALlrJgME
ArlrLAMEArlrOAMEArlrRAMEArlrUAMEArlrXAMEArlrZAMEArlrdAMEAbzRODAM
AwQD1FxoAwQB1Fx8MA0EAgACMAcDBQAqABdoMA0GCSqGSIb3DQEBCwUAA4IBAQBH
d8RNNAyTeNJFtr3zl6kZVCD4KCR/X1kUL7r8TQNhGyHUjRcW2uH801NoOMipw5md
esX/jTxohGGB/Wo217XzdjNtkDxxfoZsdnbo/Hj7Uo+OwOKaw3nHzcgLPofMBUg4
7g58Mq+rT/XovPcsPr7zcUstyk1jgi66nBp3pAysPKQx1wDNbGcUQIEQM3HMhFou
xSYKyduE4LeP1W7Jkys/NoxDygzLIPOy8IW88jSgto6aDlBZpDMQkw24bW6732Y1
aOr87WXtj8bA6x+YWGWwvDcicYbQ+TJ4QbeMhl4baCt0NSQf8cTS+Iqt/zMTFGc/
XsL3xO1FSEBHEmfYptmI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:58 2024 by rpki-client on console-fra.rpki-client.org